shibboleth-dev - RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?
Subject: Shibboleth Developers
List archive
- From: "caleb racey" <>
- To: <>
- Subject: RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?
- Date: Wed, 19 Mar 2008 14:40:10 -0000
You might be interested in the plan of an ongoing JISC project to look
at openID
http://www.jisc.ac.uk/whatwedo/programmes/programme_einfrastructure/revi
ewofopenid.aspx
I'm not involved in this project, so may be getting the wrong idea, but
it looks like you may be trying to achieve the same things.
>-----Original Message-----
>From: Peter Williams
>[mailto:]
>Sent: 19 March 2008 00:14
>To:
>
>Subject: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?
>
>Discussion on the OpenID "general" mailing list suggests that it would
be a
>useful experiment to let OpenID communities and Shib communities
interwork
>as a technical level. As probably the most vocal party on the topic of
>OpenID & SAML interoperability, I am seeking an expression of support
from
>anyone who would like to technically assist me bridge my existing
>Openid2/SAML gateway, to Shib!
>
>
>
>The Rapattoni OpenID websso infrastructure is tailored for the US
Realtors
>-a diverse group of people managed in a thousand jurisdictions. The
>infrastructure now includes experimental gateway between endpoints
>performing the OpenID protocol and endpoints performing the SAML1/SAML2
>protocol. Several authentication methods have been deployed (military
>smartcards, RSA One Time Passwords, anti-Phishing user interfaces, SMS
and
>voice callbacks). Using these capabilities, demonstrations have already
>been mounted allowing the WebSSO bridge to create the illusion of an
OpenID
>logon to Google's SAML2-enabled Google Apps sites. Similarly, SAML2 IDP
>websites have been demonstrated to login to sites armed only with
OpenID
>protocols. With suitable technical wizardry, I've little doubt that we
can
>now bridge the gateways SAML1.1 endpoints to Shib endpoints - given
Shib is
>a profile of the SAML1.1 standard.
>
>
>
>If we can accomplish the above, two worthwhile goals will have been
met:
>(1) the grassroots-centric OpenID standards process will gain direct
access
>to the federation trust modeling work perfected in Shib, and (2) if the
>approach were to be adopted by the Shib community, academic users with
Shib
>credentials would be able to exploit them on the fast emerging OpenID-
>enabled sites.
>
>
>
>Peter.
- OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Peter Williams, 03/18/2008
- RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Scott Cantor, 03/18/2008
- RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Peter Williams, 03/19/2008
- RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Scott Cantor, 03/19/2008
- RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Peter Williams, 03/20/2008
- RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Scott Cantor, 03/20/2008
- RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Peter Williams, 03/20/2008
- Re: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Brent Putman, 03/21/2008
- RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Peter Williams, 03/20/2008
- RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Scott Cantor, 03/19/2008
- RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Peter Williams, 03/19/2008
- RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, caleb racey, 03/19/2008
- RE: OpenID2 to SAML2 to SAML1.1 ... to Shib, anyone?, Scott Cantor, 03/18/2008
Archive powered by MHonArc 2.6.16.